Hi Eric, Thanks for replying. I actually did the call to getRequestUrl in the way you suggested, with both parameters set to true. I just never heard back from Google :-( about this request, which is the reason for this post (in other words, AuthSubUtil does not seem to be properly processing my request, and does not redirect back to my application as expected.
-Patricia > -----Original Message----- > From: [email protected] > [mailto:[EMAIL PROTECTED] On Behalf Of > Eric (Google) > Sent: Monday, November 24, 2008 1:21 PM > To: Google Docs Data APIs > Subject: Re: AuthSub not working well with secure tokens? > > > Hi Patricia, > > The Base API group you mentioned is for the Base Data API: > http://code.google.com/apis/base/ > > The best place to post for Auth issues is in that group: > http://groups.google.com/group/Google-Accounts-API/topics > > That being said, I also monitor the Accounts forum :) If > you're using secure AuthSub, you need to request a token with > secure=1: > > boolean secure = true > boolean sesssion = true > String requestUrl = > AuthSubUtil.getRequestUrl("http://www.example.com/RetrieveToken";, > "http://docs.google.com/feeds/";, > secure , > sesssion ); > > and on subsequent requests (even the token upgrade), use your > RSA private key for signing: > http://code.google.com/apis/gdata/authsub.html#request-session-token > > java.security.PrivateKey privateKey = > AuthSubUtil.getPrivateKeyFromKeystore("AuthSubExample.jks", > "changeme", > "AuthSubExample", > "changeme"); String sessionToken = AuthSubUtil.exchangeForSessionToken > (onetimeUseToken, > privateKey); > > Information on how to create a key using Java keytool: > http://code.google.com/apis/gdata/authsub.html#Registered > > And upload the public certificate to ManageDomain as described here: > http://code.google.com/apis/accounts/docs/RegistrationForWebAp > psAuto.html > > Cheers, > Eric > > On Nov 24, 10:44 am, "Patricia Goldweic" <[EMAIL PROTECTED]> > wrote: > > I have just posted this email to the google Base Data apis > group, but > > I wonder if anybody in this group may have a suggestion. > > Thanks in advance, > > -Patricia > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] On Behalf Of > > > patriciaG > > > Sent: Monday, November 24, 2008 12:33 PM > > > To: Google Base Data API > > > Subject: [Google-Base-API] AuthSub not working well with secure > > > tokens? > > > > > I've recently started experimenting with AuthSub to > programmatically > > > update the sharing permissions over individual Google docs. This > > > seemed to be working fine when I was using unsecure > tokens that were > > > eventually exchanged for a session token (I'm using the > Java client > > > library for this). > > > However, when I tried switching to requesting a secure token from > > > Google, I stopped getting the redirects from Google with the one > > > time token. > > > In other words, when I make the call: > > > > > String requestUrl = > > > > AuthSubUtil.getRequestUrl("http://www.mydomain.com/RetrieveToken";, > > > > "http://www.google.com/calendar/feeds/";, > > > false, > > > true); > > > > > The url in my application: "http://www.mydomain.com/RetrieveToken"; > > > DOES NOT GAIN CONTROL of the http request process, and so I can > > > neither retrieve the one time token, nor do anything else at that > > > point (no Java exceptions or error messages are generated by > > > Google). > > > > > Can somebody suggest what the problem is here, and how > can I resolve > > > it? > > > Thanks in advance, > > > -Patricia > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Docs Data APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Docs-Data-APIs?hl=en -~----------~----~----~----~------~----~------~--~---
